Phishing, ransomware instances drop in 2018, however SingHealth hack ‘stark reminder’ of cyberthreats: CSA

Phishing, ransomware instances drop in 2018, however SingHealth hack ‘stark reminder’ of cyberthreats: CSA

SINGAPORE: The variety of phishing assaults, ransomware incidents and web site defacements in Singapore dropped in 2018, but final July’s SingHealth hack – the nation’s most severe information breach in its historical past – is a “stark reminder” not be lulled into false safety.

Mr David Koh, CEO of the Cyber Safety Company (CSA), stated within the foreword of the Singapore Cyber Panorama 2018 report launched on Tuesday (Jun 18) that as cyberthreats develop in scale and class, it’s now not a query of “if” however “when” a web based assault will hit the nation.

“At the same time as we try to make our methods as safe as attainable, it’s crucial that we reply to an incident swiftly, robustly and decisively,” Mr Koh wrote, including that the SingHealth hack was a stark reminder to push additional in Singapore’s cybersecurity efforts collectively as a nation.

That stated, the most recent CSA report confirmed that there have been fewer incidents of sure types of cyberattacks.

Web site defacement, for one, fell from 2,zero40 instances in 2017 to 605 final 12 months – a 70 per cent decline, the company stated.

“Defacements are indicative of vulnerabilities current in an internet site’s underlying infrastructure. This can be a harbinger of extra damaging cyberattacks, equivalent to internet hosting malicious content material on the web site or utilizing it as a platform to launch assaults,” CSA stated.

These affected belonged to a spread of organisations equivalent to companies, media corporations and two authorities businesses. One sufferer was the Singapore web site of a significant Japanese promoting agency, which was compromised and changed by a message “Sec == ‘zero’” in January final 12 months, the report stated.


Moreover, a spike in defacements befell final November, and it was possible brought on by an attacker exploiting vulnerabilities in an unpatched Net server, it stated.

Web sites revealed on WordPress remained probably the most focused for defacements final 12 months, persevering with a development noticed since 2016, CSA stated. It added that greater than a 3rd of internet sites defaced in Singapore have been constructed on the platform.

In truth, even after WordPress launched an up to date model of its platform and SingCERT revealed an alert after to advise web site homeowners and Internet hosting suppliers to replace to the most recent model final July, about 40 per cent of defaced WordPress web sites have but to be patched as of this March.

When requested to elaborate on the explanation for the decline within the variety of instances, CSA informed CNA that it could be untimely to attribute the decline to any single issue seeing that the downward development has solely been for one 12 months. It could even be untimely to count on the decline to proceed, CSA added.

CSA did say, nevertheless, that there was larger consciousness of cyberthreats amongst organisations and the general public “given the intensive media protection of cyber breaches and cyber scams in Singapore and world wide”.


There was additionally a 30 per cent drop within the variety of phishing URLs with a Singapore hyperlink seen final 12 months, or particularly 16,100, the report stated.

There have been spikes within the variety of such phishing makes an attempt throughout main occasions, with the most important spike seen in Could forward of the United States-North Korea summit held in Singapore, it stated.

“(An) intelligence-gathering marketing campaign focused South Koreans with phishing emails. These contained malware that may very well be used for keylogging and executing malicious instructions on compromised units,” the report stated.

In the meantime, the variety of reported ransomware instances dropped from 25 in 2017 to 21 final 12 months, CSA stated, however it certified that the precise quantity could also be larger as “many go unreported”.

It added the ransomware assaults affected methods throughout a number of industries in Singapore, equivalent to development, training and meals and beverage.

One specific variant of ransomware, GandCrab, was highlighted because it was used to contaminate a non-public monetary establishment in Singapore final February. The report stated one of many establishment’s workers surfed a compromised web site and was duped into putting in a “font replace pack” for displaying the web site correctly, however it didn’t state if the ransom was paid on this occasion.

“Organisations have differing enterprise wants and priorities, and many don’t suppose that they’re possible targets of a cyberattack,” CSA stated, explaining why some don’t patch their IT methods as quickly as attainable.

“Some organisations can also select to delay system updates for concern of system slowdown or malfunction. However cyberthreats are right here to remain. Anybody could be a sufferer, and the attackers are always probing for weaknesses,” the company cautioned.

CSA additionally sounded a warning to small- and medium-sized enterprises (SMEs) which might be going digital, saying that enterprise e mail impersonation scams are anticipated to develop.

The Singapore Police Power noticed 378 such instances final 12 months, up from 332 instances in 2017, the report stated. Companies right here misplaced near S$58 million in whole, up about 31 per cent from 2017, it added.

Mr Lim Yihao, senior menace intelligence analyst at FireEye, informed CNA in an e mail that this discovering was “most regarding”.

“Companies are nonetheless falling sufferer to widespread techniques like enterprise e mail impersonation and e-commerce scams,” Mr Lim stated, including his suggestion for SMEs is to shore up e mail safety because it stays the highest assault vector.


Moreover trying again on the 12 months previous, CSA additionally reached for its crystal ball to take a look at cybersecurity traits for the long run, highlighting six to be careful for.

The six are:

• Extra frequent information breaches

Knowledge has develop into probably the most valued commodity on-line, which implies cybercriminals will attempt even more durable to breach laptop databases, significantly those who maintain giant quantities of personal and private data.

• Elevated menace to world provide chains

Cyberattackers will concentrate on disrupting provide chains, which have develop into extremely interconnected and automatic. Industries dominated by a couple of corporations are significantly susceptible.

• Extra disruptive assaults in opposition to the cloud

As extra databases are hosted on cloud computing methods, menace actors will eye potential vulnerabilities on this house for stealing information in addition to for different malicious goals.

• Larger dangers for good buildings, linked methods

With the proliferation of Web-of-Issues (IoT) units and linked industrial management methods, the chance of good buildings being attacked additionally will increase.

• Synthetic intelligence a double-edged sword

AI can considerably improve safety methods; capabilities equivalent to detecting anomalies, however on-line criminals can equally use the tech to seek for weaknesses in laptop methods.

• Biometric information to get extra priceless

As biometric authentication turns into more and more widespread, menace actors will shift to focus on and manipulate these to construct digital identities and achieve entry to non-public data. 

CSA chief David Koh stated the report is meant to offer helpful classes so Singapore can higher put together itself for the digital future.

“As we advance in the direction of our imaginative and prescient of a Sensible Nation, cybersecurity is an important prerequisite and key enabler – the invisible glue that instils belief and confidence in our digital plans,” Mr Koh stated.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.